Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/template_thumbnail.php, and the (2) language parameter to (b) account/account.php, (c) downloads/downloads.php, (d) forum/forum.php, (e) fotogalerie/delete.php, and (f) fotogalerie/fotogalerie.php in admin/features/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
homeph_design 路径游历漏洞
Vulnerability Description
HomePH Design 是一个开源的基于php的CMS系统。 HomePH Design 2.10 RC2存在多个目录遍历漏洞, 在register_globals被激活时,远程攻击者通过(1) 对(a) admin/templates/template_thumbnail.php的thumb_template参数, 以及(2)对(b) account/account.php, (c) downloads/downloads.php, (d) forum/forum.php, (e) fotogale
CVSS Information
N/A
Vulnerability Type
N/A